how to implement login auth in node.js how to implement login auth in node.js node.js node.js

how to implement login auth in node.js


authentication node.js login

Here's how I do it with Express.js:

1) Check if the user is authenticated: I have a middleware function named CheckAuth which I use on every route that needs the user to be authenticated:

function checkAuth(req, res, next) {  if (!req.session.user_id) {    res.send('You are not authorized to view this page');  } else {    next();  }}

I use this function in my routes like this:

app.get('/my_secret_page', checkAuth, function (req, res) {  res.send('if you are viewing this page it means you are logged in');});

2) The login route: 

app.post('/login', function (req, res) {  var post = req.body;  if (post.user === 'john' && post.password === 'johnspassword') {    req.session.user_id = johns_user_id_here;    res.redirect('/my_secret_page');  } else {    res.send('Bad user/pass');  }});

3) The logout route:

app.get('/logout', function (req, res) {  delete req.session.user_id;  res.redirect('/login');});

If you want to learn more about Express.js check their site here: expressjs.com/en/guide/routing.htmlIf there's need for more complex stuff, checkout everyauth (it has a lot of auth methods available, for facebook, twitter etc; good tutorial on it here).

authentication node.js login

Actually this is not really the answer of the question, but this is a better way to do it.

I suggest you to use connect/express as http server, since they save you a lot of time. You obviously don't want to reinvent the wheel. In your case session management is much easier with connect/express.

Beside that for authentication I suggest you to use everyauth. Which supports a lot of authentication strategies. Awesome for rapid development.

All this can be easily down with some copy pasting from their documentation!

authentication node.js login

To add to Farid's pseudo-answer,

Consider using Passport.js over everyauth.

The answers to this question provide some insight to the differences.

There are plenty of benefits to offloading your user authentication to Google, Facebook or another website. If your application's requirements are such that you could use Passport as your sole authentication provider or alongside traditional login, it can make the experience easier for your users.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last